Medical device maker UFP Technologies warns of data stolen in cyberattack
Source: Bleeping Computer
UFP Technologies, a publicly traded American manufacturer of medical devices, disclosed a cybersecurity incident that compromised its IT systems and data.
Company background
UFP Technologies produces a broad range of devices and components used in surgery, wound care, implants, orthopedic applications, and healthcare wearables. The company employs 4,300 people, generates annual revenue of $600 million, and has a market cap of $1.86 billion (source: PitchBook).
Incident details
- Date of detection: February 14 (SEC filing submitted February 25).
- Initial response: The firm isolated affected systems, began remediation, and engaged external cybersecurity advisors.
- Investigation outcome: The threat has been removed, but the attacker was able to steal data from compromised systems.
“Through the Company’s efforts, the Company believes that the third party responsible for this cybersecurity incident has been removed from the Company’s IT systems, and the Company’s ability to access information impacted by this incident has been restored in all material respects,” — SEC filing.
“The incident appears to have impacted many but not all of the Company’s IT systems and affected functions such as billing and label making for customer deliveries. Certain Company or Company‑related data appear to have been stolen or destroyed.”
The mention of data destruction suggests a ransomware or wiper attack, though the specific malware has not been identified.
Impact and response
- Ransomware claims: No ransomware group has publicly claimed responsibility.
- Personal data: UFP Technologies has not yet determined whether personal information was exfiltrated. If confirmed, affected individuals will be notified as required by law.
- Operational status: Primary IT systems remain operational. The company believes the incident is unlikely to have a material impact on its operations or financial results.
BleepingComputer reached out to UFP Technologies for comment on potential encryption or ransom demands; a response was not available at the time of publishing.